Virtual currency system

ABSTRACT

A system including a network connected to at least one mint computing device implementing a virtual currency mint. The network has a ring topology and includes computing devices that implement a plurality of nodes. The mint issues units of virtual currency to user accounts implemented by the nodes. Each of at least a portion of the nodes is configured to initiate (as a sender node) a transaction with a recipient node that transfers at least one unit of the virtual currency from a sender one of the user accounts to a recipient one of the user accounts. The recipient node validates the transaction, creates a receipt, performs an operation on the receipt to identify a storage node, and routes the receipt to the storage node. The storage node stores the receipt, identifies next storage nodes, and routes copies of the receipt to the next storage nodes for storage thereby.

BACKGROUND OF THE INVENTION

1. Field of the Invention

Example embodiments of the present invention are directed generally tosystems and methods that implement virtual currencies.

2. Description of the Related Art

The following description includes information that may be useful inunderstanding the present invention. It is not an admission that any ofthe information provided herein is prior art or relevant to thepresently claimed invention, or that any publication specifically orimplicitly referenced is prior art.

Traditional face-to-face cash transactions may be characterized ashaving four attributes (1) direct transmission, (2) irreversibility, (3)price stability, and (4) functionally (or effectively) unlimitedliquidity. The first attribute, direct transmission, means a transactioncan be conducted without the need to interact with a bank or some otherform of a central clearing authority. The second attribute,irreversibility, refers to the inability of a sender to recall atransferred instrument (e.g., cash) from a recipient after thetransaction has been authorized by the sender and confirmed as havingbeen received by the recipient.

In contrast, reversibility refers to the ability to reverse or cancel apayment as a function of the payment system, not the legal right toreturn defective goods or to demand refund for services or goods notprovided because of the transaction itself. Consumer protections withrespect to the provision of contracted wares or services are an entirelyseparate issue. Instead, what is referred to in this context is theability to reverse a payment itself by virtue of he system used toprovide the payment. For example, a first consumer who purchases a bookwith cash, and a second customer who purchases a book from the samemerchant via the merchant's online bookstore using a credit card havethe same contractual entitlements with respect to the provision ofgoods, ability to return the books, etc. However, the introduction ofthe financial intermediaries during the credit card transaction, ineffect, provides the second customer with an additional avenue ofrecourse, namely transaction reversal, or “chargeback,” provided by thepayment method. Unfortunately, such reversals may occur several monthsafter the date of the transaction.

The third attribute, price stability, refers to the stability of thevalue of the instrument, particularly in relation to an operatingcurrency or currencies of the recipient. The fourth attribute,functionally (or effectively) unlimited liquidity, means the instrumentis marketable or sufficiently tradable (purchasable or sellable).

With the emergence of the Internet and, subsequently, the World WideWeb, merchants immediately recognized and sought to capitalize on theseemingly limitless commercial potential of virtual, remote access toglobal markets. As a result, such merchants and existing financialinstitutions sought to find ways to employ, or adapt the availablefinancial infrastructure, to enable remote transactions over this newcommunication medium. Thus, ecommerce was born.

All ecommerce transactions may be characterized as being remotetransactions. Thus, ecommerce cannot be conducted using traditionalface-to-face cash transactions. Therefore, existing systems were adaptedfor use within the new, remote virtualized ecommerce environment. It isworth bearing in mind that systems in existence before the introductionof ecommerce were not designed to facilitate efficient remotetransactions of this kind and on this scale. Instead, these pre-existingsystems were adopted for and adapted to this use.

If ecommerce transactions are conducted in an official currency of astable government (e.g., U.S. dollars), the transactions will have thethird and fourth attributes, price stability, and functionally (oreffectively) unlimited liquidity, respectively. Nevertheless, suchecommerce transactions will lack the first and second attributes, directtransmission, and irreversibility, respectively, of traditionalface-to-face cash transactions because ecommerce on the Internettypically relies almost exclusively on financial intercessors (banks andfinancial institutions, card associations, etc.) that function as thirdparty intermediaries (or centralized authorities) to process and clearelectronic payments. Conventional ecommerce systems are predicated ontrust-based systems that require these centralized authorities tovalidate and dear submitted transactions. Thus, conventional ecommercetransactions lack the first attribute, direct transmission.

While the existing systems function passably for many classes oftransactions, from a merchant processing perspective, they suffer fromfundamental constraints (and costs) inherent in the centralized,trust-based model. For example, within such systems, irreversibletransactions are not possible, because the third-party financialintermediaries must mediate transactional disputes. Thus, conventionalecommerce transactions lack the second attribute, irreversibility, oftraditional face-to-face cash transactions.

The interposition of these intermediaries has the effect of shiftingboth the practical onus of validating transactions and transaction coststhat fund the intermediaries to the merchants. Such transactions costsmay include per-transaction processing fees charged by intermediaries.Unfortunately, these costs erode profit margins and/or are passed on asincremental fees to potential customers. Further, intermediaries mayimpose systemic penalties and/or constraints. For example, third partyintermediaries and associated clearance infrastructure (e.g., acquiringbanks, card associations, etc.) may impose restrictions as to thenature, size, and source of transactions between a customer and themerchant. While some intermediated systems are efficient (e.g., creditcards), others can take hours or days to dear (e.g., electronic fundstransfers (“EFT”), debit (“DBT”) card transactions, money wires, and thelike).

Transaction reversal exposes merchants to immense incremental costs andrisks, which may include direct costs associated with irretrievably lostgoods, associated shipment fees in the event of fraudulent reversals,costs associated with licensing, developing, and/or maintaining systemsthat detect and mitigate fraud, wages of personnel required to manageinternal controls and investigate, mediate or prosecute fraud, and bankand/or processor charges and reversal fees. To exacerbate matters formerchants that accept credit card payments, the acquiring facilityitself may be jeopardized if chargebacks exceed specified thresholds.

There are additional problems inherent with the use of intermediaries tofacilitate ecommerce transactions. For example, financial intermediariesact as de facto “gatekeepers” to ecommerce because without the‘permission’ of such intermediaries (e.g., a bank or other processinginfrastructure), conventional ecommerce cannot be conducted. Merchantsare dis-incented or precluded from offering certain categories ofproducts or from offering irreversible services due to potential paymentreversal risks. Merchants must adopt aggressive know-your-customer(“KYC”) policies and a “defensive” stance with respect to theircustomers to provide recourse in the event of fraud, further impairingthe customer experience and impeding sales conversions. As isappreciated by those of ordinary skill in the art, KYC or “know yourclient” protocols are due diligence practices adopted to ascertaincertain information from a particular client used to establish identityand bona fides prior to doing business with that particular client. Moregenerally, “KYC” refers to the general practice of gathering informationabout a potential customer to ensure the potential customer's identity(e.g., to satisfy a compliance obligation, and/or mitigate againstpotential future fraud). Because banks have a significant KYC regulatoryburden, interposing a bank (as a financial intermediary) imposes thebank's KYC requirements on those merchants that wish to process paymentsthrough the bank.

Thus, a structural consequence of using a financial intermediaryoperating in a trust-based system is that merchants are compelled toabsorb and accommodate unavoidable expenses, risks, and operationalconstraints. Even in the face of such costs and constraints, however,the opportunity that the Internet and ecommerce present to merchants issimply too enormous to ignore. Therefore, merchants have traditionallysimply accepted such realities as systemically unavoidable, and resignedthemselves to such losses and expenses as unavoidable “costs of doingbusiness” online.

To address some of the problems associated with traditional ecommercesystems, alternative payment technologies and networks have beendeveloped, such as FACEBOOK® Credits, AMAZON® Coins, traditional“e-wallets,” “e-purses,” GOOGLE® Wallet, and pre-paid debit cards. Suchalternatives may be referred to as “e-money” or “virtual currency” or“e-cash.” Nonetheless, like ecommerce transactions conducted using anintermediary, each of these alternative payment technologies andnetworks lacks one or more of the four attributes of traditionalface-to-face cash transactions.

Therefore, a need exists for methods and systems that implement avirtual currency and transactions in the digital or on-line world usingthat virtual currency that have the four attributes of face-to-face cashtransactions. The present application provides these and otheradvantages as will be apparent from the following detailed descriptionand accompanying figures.

SUMMARY OF THE INVENTION

Embodiments include a system that includes a network and at least onemint computing device connected to the network. The network includes aplurality of computing devices and may have a ring topology. Theplurality of computing devices implement a plurality of nodes. At leasta portion of the plurality of nodes implement user accounts that eachstore units of a virtual currency. The plurality of nodes are incapableof creating units of the virtual currency. The at least one mintcomputing device implements a virtual currency mint configured to createand issue units of the virtual currency to the user accounts implementedby the plurality of nodes. The user accounts are configured to receiveand store units of the virtual currency issued by the virtual currencymint. The virtual currency mint may create and issue units of thevirtual currency to the user accounts in exchange for units of a realworld currency. Optionally, the virtual currency mint may be configuredto receive units of the virtual currency from the user accounts, andexchange those received units for units of a real world currency.

Each of at least a portion of the nodes is configured to initiate atransaction as a sender node with a different recipient one of theplurality of nodes. The transaction transfers at least one unit of thevirtual currency from a sender one of the user accounts to a recipientone of the user accounts. The recipient node is configured to validatethe transaction, create a new transaction receipt after validating thetransaction, perform an operation on the new transaction receipt toidentify a different storage one of the plurality of nodes, and routethe new transaction receipt to the storage node. The recipient nodevalidates the transaction without involving a validation authority. Therecipient node may obtain validation information from only a subset ofthe plurality of nodes, and validate the transaction based on thevalidation information. Such validation information may include copiesof a plurality of transaction receipts associated with the senderaccount. The storage node is configured to store the new transactionreceipt, identify next storage ones of the plurality of nodes, and routecopies of the new transaction receipt to the next storage nodes forstorage thereby. Each of the next storage nodes may be implemented by adifferent one of the plurality of computing devices directly connectedto the third computing device in the network.

The sender node may be implemented by a first of the plurality ofcomputing devices, the recipient node may be implemented by a second ofthe plurality of computing devices, and the storage node may beimplemented by a third of the plurality of computing devices. The first,second, and third computing devices may be different from one another.

The sender node may be configured to obtain a copy of the newtransaction receipt, and store the copy in a local storage accessible tothe sender node. In such embodiments, the local storage may store aplurality of transaction receipts associated with the sender account. Insuch embodiments, initialing the transaction may include obtainingcopies of the transaction receipts associated with the sender accountand stored in the local storage, creating a transaction request thatincludes the copies of the transaction receipts, and sending thetransaction request to the recipient node. Optionally, the transactionreceipts associated with the sender account and stored in the localstorage implement a doubly linked list. The copies of the transactionreceipts in the transaction request may be first copies of thetransaction receipts. In such embodiments, the recipient node may beconfigured to send requests to at least a portion of the plurality ofnodes for copies of any transaction receipts associated with the senderaccount, receive (as second copies of the transaction receipts)transaction receipts associated with the sender account from each ofonly a subset of the plurality of nodes, and validate the transactionbased on the first and second copies of the transaction receipts.

In some embodiments of the system, each of the plurality of computingdevices stores a local copy of a distributed hash table. In suchembodiments, the sender node may be implemented by a sender one of theplurality of computing devices; and the recipient account may beassociated with an account identifier. The sender node may be configuredto lookup the account identifier in the local copy of the distributedhash table stored on the sender computing device to obtain a recipientaddress. In such embodiments, initiating the transaction includessending a transaction request to the recipient address.

In embodiments of the system in which each of the plurality of computingdevices stores a local copy of a distributed hash table, the recipientnode may be implemented by a recipient one of the plurality of computingdevices, and the operation performed on the new transaction receipt bythe recipient node may include performing a hash function on at least aportion of the new transaction receipt to obtain a hash value. Therecipient computing device may look up the hash value in the distributedhash table stored on the recipient computing device to obtain an addressassociated with the storage node. In such embodiments, routing the newtransaction receipt to the storage node includes routing the newtransaction receipt to the address associated with the storage node.

Embodiments include a first computer-implemented method. The firstmethod includes implementing a sender node at a sender one of aplurality of computing devices within a network having a ring topology.The sender node includes a sender account. Each of the plurality ofcomputing devices within the network may be incapable of creating one ormore units of a virtual currency. The first method further includesimplementing, by at least one mint computing device connected to thenetwork, a virtual currency mint. The virtual currency mint createsunits of the virtual currency, and issues at least one of the units ofthe virtual currency to the sender account.

The first method further includes identifying, at the sender node, arecipient one of the plurality of computing devices within the network.The recipient computing device implements a recipient node that includesa recipient account. The sender node initiates a transaction with therecipient node. The transaction transfers at least one unit of thevirtual currency issued to the sender account from the sender account tothe recipient account. The recipient node validates the transaction,creates a new transaction receipt after the transaction has beenvalidated, performs an operation on the new transaction receipt toobtain a value, and identifies a storage one of the plurality ofcomputing devices within the network using the value. The storagecomputing device implements a storage node. The first method furtherincludes routing, by the recipient node, the new transaction receipt tothe storage node. The storage node stores the new transaction receipt,and identifies next storage ones of the plurality of computing deviceswithin the network. The next computing devices implement next storagenodes. The storage node routes copies of the new transaction receipt tothe next storage nodes for storage thereby. The next storage computingdevices may be directly connected to the storage computing device in thenetwork.

In some embodiments of the first method, after the new transactionreceipt has been routed to the storage node, the transaction isirreversible. Optionally, the sender, recipient, storage computingdevices may be different from one another.

In some embodiments of the first method, each of the plurality ofcomputing devices may store a local copy of a distributed hash table. Insuch embodiments, the recipient account is associated with an accountidentifier, and identifying the recipient computing device includeslooking up the account identifier in the local copy of the distributedhash table stored on the sender computing device to obtain an address ofthe recipient computing device. The value may be a hash value, and theoperation performed on the new transaction receipt at the recipient nodemay include performing a hash function on at least a portion of the newtransaction receipt to obtain the hash value. In such embodiments,identifying the storage computing device using the value includeslooking up the hash value in the distributed hash table stored on therecipient computing device to obtain an address associated with thestorage computing device; and routing the new transaction receipt to thestorage node includes routing the new transaction receipt to the addressassociated with the storage computing device.

In some embodiments of the first method, the sender node includes alocal storage storing a plurality of transaction receipts associatedwith the sender account. In such embodiments, initiating the transactionat the sender node may include obtaining copies of the transactionreceipts associated with the sender account and stored in the localstorage, creating a transaction request that includes the copies of thetransaction receipts, and sending the transaction request to therecipient computing device. The copies of the transaction receipts inthe transaction request may be first copies of the transaction receipts.In such embodiments, validating the transaction at the recipient nodemay include sending requests to at least a portion of the plurality ofcomputing devices in the network for copies of any transaction receiptsassociated with the sender account, receiving (as second copies of thetransaction receipts) transaction receipts associated with the senderaccount from each of only a subset of the plurality of computing devicesin the network, and validating the transaction based on the first andsecond copies of the transaction receipts.

Embodiments include a second computer-implemented method. The secondmethod is performed by a validation one of a plurality of computingdevices in a network. The second method includes receiving, at thevalidation computing device, a transaction request that requeststransfer of a transaction amount of virtual currency from a senderaccount to a recipient account. The sender account is associated withtransaction receipts. The transaction request includes (a) references tofirst copies of the transaction receipts, or (b) the first copies of thetransaction receipts. The validation computing device requests secondcopies of the transaction receipts associated with the sender accountfrom at least two of the plurality of computing devices in the network,receives the second copies of the transaction receipts from fewer thanall of the plurality of computing devices in the network, and determineswhether the first copies have been tampered with by comparing the firstcopies and the second copies of the transaction receipts to one another.When it is determined that the first copies have not been tampered with,the validation computing device generates at least one new transactionreceipt for the transaction request, and forwards the at least one newtransaction receipt to fewer than all of the plurality of computingdevices in the network for storage thereby. The at least one newtransaction receipt indicates that the transaction amount of the virtualcurrency has been transferred from the sender account to the recipientaccount.

In some embodiments of the second method, after the at least one newtransaction receipt has been forwarded, the transfer of the transactionamount of the virtual currency from the sender account to the recipientaccount is irreversible.

In some embodiments of the second method, each of at least a portion ofthe transaction receipts associated with the sender account may includea first reference to an earlier one of the transaction receiptsassociated with the sender account, and a second reference to a laterone of the transaction receipts associated with the sender account.

When each new transaction receipt is generated, the second method mayinclude identifying a previously generated one of the transactionreceipts associated with the sender account, including a first referenceto the previously generated transaction receipt in the new transactionreceipt, and including a second reference to the new transaction receiptin the previously generated transaction receipt such that thetransaction receipts associated with the sender account define a doublylinked list.

In some embodiments of the second method, the second copies may includea plurality of past transaction amounts. In such embodiments, the secondmethod may include totaling the past transaction amounts to obtain asender account balance, and the at least one new transaction receipt mayinclude first and second new transaction receipts. The first newtransaction receipt indicates the sender account balance has beentransferred from the sender account to the recipient account. The secondnew transaction receipt indicates a difference between the senderaccount balance and the transaction amount has been transferred from therecipient account to the sender account.

In some embodiments of the second method, the first copies include aplurality of past transaction amounts, and a sum of the plurality ofpast transaction amounts is less than or equal to the transactionamount.

In the second method, forwarding the at least one new transactionreceipt to fewer than all of the plurality of computing devices in thenetwork for storage thereby may include, for each new transactionreceipt, (a) performing, by the validation computing device, a hashfunction on at least a portion of the new transaction receipt to obtaina hash value, (b) identifying, by the validation computing device, adifferent one of the plurality of computing devices in the network as astorage computing device based on the hash value and a distributed hashtable, and (c) forwarding, by the validation computing device, the newtransaction receipt to the storage computing device. In suchembodiments, the storage computing device routes the new transactionreceipt to at least one other of the plurality of computing devices inthe network for storage thereby according to a routing algorithm usingthe distributed hash table. The routing algorithm may be influenced byat least one of a current number of the plurality of computing devicesin the network, reachability of a particular one of the plurality ofcomputing devices, and the hash value. In some embodiments of the secondmethod, the new transaction receipt is stored in fewer than all of theplurality of computing devices in the network, and none of the pluralityof computing devices stores copies of all transaction receipts storedwithin the network.

In some embodiments of the second method, the transaction request mayinclude a signature, and the validation computing device may verify thesignature.

In some embodiments of the second method, the recipient account may bestored on the validation computing device. The recipient account mayhave an account address stored in a distributed hash table.

In some embodiments of the second method, the network is a peer-to-peernetwork that may optionally have a ring topology.

Embodiments include a third computer-implemented method. The thirdmethod is for use with a plurality of computing devices in a networkimplementing a plurality of nodes. The third method includes receiving,at a validation one of the plurality of nodes, a transaction requestrequesting a transfer of a transaction amount of virtual currency from asender account to a recipient account. The sender account is associatedwith transaction receipts. The transaction request includes (a)references to first copies of the transaction receipts associated withthe sender account, or (b) the first copies of the transaction receipts.The validation node requests second copies of the transaction receiptsassociated with the sender account from at least two of the plurality ofnodes, and receives the second copies from fewer than all of theplurality of nodes. The validation node determines whether the firstcopies have been tampered with by comparing the first copies and thesecond copies of the transaction receipts to one another. When it isdetermined that the first copies have not been tampered with, thevalidation node generates at least one new transaction receipt for thetransaction request, and forwards the at least one new transactionreceipt to fewer than all of the plurality of nodes for storage thereby.The at least one new transaction receipt indicates that the transactionamount of the virtual currency has been transferred from the senderaccount to the recipient account.

In some embodiments of the third method, forwarding the at least one newtransaction receipt to fewer than all of the plurality of nodes forstorage thereby may include, for each new transaction receipt, (a)performing, by the validation node, a hash function on at least aportion of the new transaction receipt to obtain a hash value, (b)identifying, by the validation node, a network address of a differentone of the plurality of nodes as a storage node based on the hash valueand a distributed hash table, and (c) forwarding, by the validationnode, the new transaction receipt to the network address of the storagenode. The storage node may route the new transaction receipt to at leastone other of the plurality of nodes for storage thereby according to arouting algorithm using the distributed hash table. The new transactionreceipt may be stored by fewer than all of the plurality of nodes.Further, none of the plurality of computing devices may store copies ofall transaction receipts stored within the network.

Embodiments include a fourth computer-implemented method. The fourthmethod is performed by a sender one of a plurality of computing devicesin a network. The plurality of computing devices implement a pluralityof nodes. Each of the plurality of nodes has access to a distributedhash table. The sender computing device implements a sender one of theplurality of nodes. The fourth method includes locating, by the sendernode, copies of transaction receipts associated with a sender accountimplemented by the sender node. The copies include a plurality of pasttransaction amounts of a virtual currency. The sender node totals theplurality of past transaction amounts of the virtual currency to obtaina sender account balance. If the sender account balance is equal to orgreater than a current transaction amount of the virtual currency, thesender node creates a transaction request that requests a transfer ofthe current transaction amount to a recipient account implemented by arecipient one of the plurality of nodes. The recipient account isassociated with a key value. The transaction request includes (a)references to the copies of the transaction receipts associated with thesender account, or (b) the copies of the transaction receipts. Thesender node identifies a network address associated with the recipientnode by looking up the key value in the distributed hash table, androutes the transaction request to the network address of the recipientcomputing device for processing thereby. Optionally, the sender nodecreates a signature by encrypting at least a portion of the copies ofthe transaction receipts using a key associated with the sender account,and the transaction request includes the signature. Optionally, thesender node creates a plurality of signatures by encrypting at least aportion of each of the copies of the transaction receipts using the keyassociated with the sender account, and the transaction request includesthe plurality of signatures.

Embodiments include a fifth computer-implemented method. The fifthmethod is for use with a plurality of computing devices implementing aplurality of nodes of a ring-shaped overlay network. The fifth methodincludes receiving, at a bootstrap one of the plurality of nodes, aconnection request from a joining node implemented by a joiningcomputing device. In response to the connection request, the bootstrapnode sends a handshake identifier to the joining node, and receives afirst value created using the handshake identifier from the joiningnode. The bootstrap node may have generated the handshake identifier.For example, the handshake identifier may be a randomly generatednumber, and the bootstrap node may generate the random number used asthe handshake identifier. The bootstrap node compares the first value toa second value. When the first and second values are identical, thejoining node is validated and thereby allowed to join the overlaynetwork. On the other hand, when the first and second values are notidentical, the joining node is rejected and thereby prevented fromjoining the overlay network.

The fifth method may also include generating, at the bootstrap node, thesecond value by loading, as a byte stream, one or more portions of alegitimate copy of selected software code, and performing a hashfunction on the handshake identifier and the byte stream to obtain ahash value. In such embodiments, the second value is the hash value. Theone or more portions of the legitimate copy of the selected softwarecode may include a plurality of class files within a component library.

In some embodiments of the fifth method, when the joining node has beenvalidated, the bootstrap node may assign a position within the overlaynetwork to the joining node.

In some embodiments of the fifth method, when the joining node has beenvalidated, the bootstrap node may assign a node identifier within theoverlay network to the joining node. The node identifier may bedetermined as a function of an external Internet Protocol (“IP”) addressand network path associated with the joining node. Each of the pluralityof nodes may have access to a distributed hash table used to routeinformation between the plurality of nodes within the overlay network.In such embodiments, the bootstrap node may add the node identifier tothe distributed hash table as a key.

Embodiments include a sixth computer-implemented method. The sixthmethod is for use with a plurality of computing devices implementing aplurality of nodes of a ring-shaped overlay network. The sixth methodincludes requesting, from a joining node implemented by a joiningcomputing device, a connection with a bootstrap one of the plurality ofnodes. In response, the joining node receives a handshake identifierfrom the bootstrap node, loads one or more portions of selected softwarecode as a byte stream, and determines a first value by performing anoperation on the handshake identifier and the byte stream. The operationmay include performing a hash function on the handshake identifier andthe byte stream to obtain a hash value. In such embodiments, the firstvalue is the hash value. The one or more portions of the selectedsoftware code may include a plurality of class files within a componentlibrary. The joining node transmits the first value to the bootstrapnode. The bootstrap node compares the first value to a second value. Ifthe first and second values are identical, the joining node receives anindication from the bootstrap node that a connection with the bootstrapnode has been established. On the other hand, if the first and secondvalues are not identical, the joining node receives an indication fromthe bootstrap node that the request for a connection has been rejected.

In some embodiments of the sixth method, the handshake identifier may bea randomly generated number.

In some embodiments of the sixth method, after the connection with thebootstrap node has been established, the joining node receives anassignment of a position within the overlay network from the bootstrapnode.

In some embodiments of the sixth method, after the connection with thebootstrap node has been established, the joining node receives anassignment of a node identifier within the overlay network from thebootstrap node. The node identifier may have been determined as afunction of an external Internet Protocol (“IP”) address and networkpath associated with the joining node. Each of the plurality of nodesmay have access to a distributed hash table used to route informationbetween the plurality of nodes within the overlay network. In suchembodiments, the node identifier is added as a key in the distributedhash table.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING(S)

Various embodiments in accordance with the present disclosure will bedescribed with reference to the drawings, in which:

FIG. 1 is a diagram of an exemplary system configured to implement avirtual currency (or digital bearer instruments), and transactions usingthe virtual currency;

FIG. 2 is a diagram illustrating a network including a plurality ofnodes implemented by the system of FIG. 1;

FIG. 3 is a block diagram illustrating software components implementingthe nodes of the network of FIG. 2;

FIG. 4 is an illustrative example of a method of initiating atransaction on the network of FIG. 2;

FIG. 5 is an illustrative example of a method of validating thetransaction;

FIG. 6 is an illustrative example of a method of recording thetransaction in a portion of the nodes of the network of FIG. 2;

FIG. 7 is an illustrative example of a process for booting a node on thenetwork of FIG. 2;

FIG. 8 is an illustrative example of a process for synchronizing localstorage on a node with distributed storage on the network of FIG. 2; and

FIG. 9 is a diagram of a hardware environment and an operatingenvironment in which the computing devices of the system of FIG. 1 maybe implemented.

DETAILED DESCRIPTION OF THE INVENTION

In the following description, various embodiments will be described. Forpurposes of explanation, specific configurations and details are setforth in order to provide a thorough understanding of the embodiments.However, it will also be apparent to those of ordinary skill in the artthat the embodiments may be practiced without the specific details.Furthermore, well-known features may be omitted or simplified in ordernot to obscure the embodiment being described.

Example embodiments include systems and methods that implement a virtualcurrency and transactions using the virtual currency that have the fourattributes of face-to-face cash transactions, namely: (1)irreversibility, (2) direct transmission (the absence of a financialintermediary), (3) price stability, and (4) functionally (oreffectively) unlimited liquidity.

A unit of the virtual currency implemented by the system 100 may becharacterized as being a digital bearer instrument. As is appreciated bythose of ordinary skill in the art, a bearer instrument is a document orrepresentative item that indicates that the owner of the document hastitle to property. Bearer instruments differ from normal registeredinstruments in that no records are maintained as to who owns theunderlying property, or of the transactions involving transfer ofownership. In general, the legal situs of the property is where theinstrument is located and whoever physically has possession of thebearer instrument is presumed to be the owner of the property. U.S.dollars are examples of bearer instruments.

System Overview

FIG. 1 is a diagram of a system 100 configured to implement a virtualcurrency (or digital bearer instruments). For ease of illustration, thesystem 100 will be described as implementing a single virtual currency.However, as is appreciated by those of ordinary skill in the art, thesystem 100 may be used to implement more than one virtual currency andsuch embodiments are within the scope of the present teachings.

The system 100 includes a plurality of computing devices 140A-140Coperated by a plurality of customers 150, and a plurality of computingdevices 140D and 140E operated by a plurality of merchants 160. Thecomputing devices 140A-140E are connect to one another by a network 180.Together, the customers 150 and the merchants 160 are referred to asusers. Each user may be associated with a User ID that is a unique IDthat represents the user. While the users of the system 100 have beendescribed as being customers and merchants, other types of users (e.g.,charities, donors, etc.) wishing to store and/or transfer units of thevirtual currency may also use the system 100.

The system 100 includes a computing system 132 operated by a centralizedvirtual currency issuing authority 130. The computing system 132 isconnected by the network 180 (e.g., the Internet) to the computingdevices 140A-140E. The computing system 132 may include one or morecomputing devices.

Each of the computing devices 140A-140E, as well as, the one or morecomputing devices implementing the computing system 132 may beimplemented using a computing device 12 described below and illustratedin FIG. 9.

Referring to FIG. 2, the computing system 132 executes a mintapplication 134 that implements one or more mint nodes 120 controlled bythe issuing authority 130. In the embodiment illustrated, the mint nodes120 include three mint nodes MT1-MT3. However, the system 100 mayinclude any number of mint nodes 120. Together, the mint nodes 120 maybe characterized as being a mint. Each of the mint nodes 120 may beimplemented by a different computing device (like the computing device12 illustrated in FIG. 9) executing a copy of the mint application 134.However, this is not a requirement.

Each of the mint nodes 120 is associated with a mint account 122 thatstores units of the virtual currency as an account balance. Further, aswill be described in detail below, the mint application 134 isconfigured to create (or mint) units of the virtual currency via agenesis transaction, store those units in its mint account 122, andissue units of the virtual currency (from its mint account) to customers150 and/or merchants 160. As will also be described in detail below, themint application 134 may also be configured to exchange (or redeem)units of the virtual currency for units of a real world (or fiat)currency. The account balance of a particular mint account representsunits of the virtual currency that have been redeemed (or sold back tothe particular mint account) by the users, and/or units of the virtualcurrency that were minted through a genesis transaction but have not yetbeen issued to one or more of the users.

Each of the mint nodes 120 may have a special-purpose mint address 124predefined by the computing system 132.

The computing devices 140A-140E (see FIG. 1) operated by the usersimplement a plurality of (non-mint) regular nodes 170 that togetherdefine a peer-to-peer (“P2P”) network 172. Each of the regular nodes 170operates autonomously and in a decentralized manner. Each of the regularnodes 170 may be implemented by a different one of the computing devices140A-140E (see FIG. 1). However, this is not a requirement. For ease ofillustration, in FIG. 2, the P2P network 172 is depicted as includingseven nodes 170A-170G. However, the P2P network 172 may include anynumber of nodes. Also for ease of illustration, the nodes 170A-170E willbe described as being implemented by the computing devices 140A-140E,respectively.

The network 172 may include (or be organized into) one or more overlayP2P networks (e.g., an overlay P2P network R1) each having a ringnetwork topology in which each node is connected to two other nodes.Within the system 100, as will be described in more detail below,transactions between users are validated by one of the overlay P2Pnetworks (e.g., the overlay P2P network R1). For ease of illustration,in FIG. 2, the overlay P2P network R1 is depicted as including sevennodes (the regular nodes 170A-170G). However, the overlay P2P network R1may include any number of the regular nodes 170.

The system 100 provides a virtual currency infrastructure and platformthat may be implemented as an open system enabling the use of thevirtual currency by any user (e.g., customer, merchant, and the like)that elects to accept or use the system 100. Purchases of the virtualcurrency from the mint nodes 120 may be conducted using conventionalecommerce clearance methods in which a third party intermediary (e.g., abank) clears the fiat currency provided by the user. In suchembodiments, purchases from the mint nodes 120 may not be anonymous.However, once units of the virtual currency have been issued,transactions between the users within the P2P network 172 are conductedbetween cryptographic addresses (e.g., public keys) that have nonecessary relationship to the users or to their identities. Therefore,all transactions between users may be anonymous.

As mentioned above, the system 100 may be a bidirectional system inwhich units of the virtual currency can be redeemed at the mint nodes120 in exchange for fiat currencies. Redemption transactions whereby theunits of the virtual currency are sold to the mint nodes 120 may besubject to KYC protocols and therefore, may not be anonymous.

The system 100 enables direct transmission of units of the virtualcurrency between the users. Such direct transactions are cleared by adecentralized clearance system operating within the distributed P2Pnetwork 172. Thus, the system 100 lacks a centralized clearanceauthority and does not use an intermediary to validate transactionsbetween users. The issuing authority 130 has no role in approving orclearing transactions between users, and does not have the ability to“see” or trace individual transactions between users.

Within the P2P network 172, the regular nodes 170 may be implemented as“validation/storage” nodes, “client” nodes, or both. Class A nodes(e.g., the node 170E) are nodes within the network 172 that can functionas both a “client” node as well as a “validation/storage” node. Class Bnodes (e.g., the node 170D) function as “validation/storage” nodes onlyand do not function as “client” nodes. Class C nodes (e.g., the node170A) function as “client-only” nodes and do not function as“validation/storage” nodes.

“Validation/storage” nodes (e.g., the nodes 170D and 170E) are eachconfigured to validate transactions and store transaction receipts.“Validation/storage” nodes each include a validation/storage application109 that implements the functionality of the “validation/storage” node.The validation/storage application 109 may be obtained (e.g.,downloaded) from the computing system 132 operated by the issuingauthority 130.

A “client” node is configured to contact and route transactions to peernodes within the network 172. Transactions may be conducted bytransferring units of the virtual currency (1) between different useraccounts, (2) between different mint accounts, and (3) between a useraccount and a mint account. “Client” nodes include a client application110 that implements the functionality of the “client” node. The clientapplication 110 may be obtained (e.g., downloaded) from the computingsystem 132 operated by the issuing authority 130. FIG. 3 depicts some ofthe software components and data 300 stored by each of the nodes 170.Referring to FIG. 3, each of the nodes 170 implements one or more useraccounts (e.g., user account 108) that each stores an amount of thevirtual currency (originally issued by one of the mint nodes 120). Eachof the user accounts is owned by at least one of the users (e.g., one ormore of the customers 150 and/or the merchants 160) of the system 100.

The user account 208 is functionally a ‘virtual vault’ into which a usermay receive or store units of the virtual currency, or from which a usermay initiate a transaction. Each user account is associated with apublic key 116 and a private key 118 that together form a key pair. Thepublic key 116 may be used as the address of the user account 208. Theprivate key 118 may be used sign (or encrypt) a transaction messagesending units of the virtual currency to a different user account. Auser can generate and be associated with multiple user accounts and eachuser account may (and typically will) be associated with multipletransaction receipts. The balance of an account (either a user accountor a mint account) is a total of all transaction receipts associatedwith the user account. As will be explained in detail below, wheneverunits of the virtual currency are added to or removed from an account, atransaction receipt is generated and copies of the receipt are storedwithin a portion of the regular nodes 170 of the network 172. Forexample, the transaction receipt may be stored by a portion of the nodesof the overlay P2P network R1.

Returning to FIG. 2, a Class C node (or a “client-only” node), such asthe node 170A, does not form part of a distributed storage ring (e.g.,the overlay P2P network R1). Because every user of the system 100 maynot remain online, such users may not be reliable enough to participatein the storage distribution functions performed by the“validation/storage” nodes. A casual user, for example, will most likelylog onto the system 100, conduct a transaction, and exit the system 100.Furthermore, users using mobile devices may not be able to participateas fully functional nodes in the network 172. Thus, such mobile devicesand/or computing devices operated by casual (or otherwise insufficientlyreliable) users may function as “client-only” nodes within the network172.

Referring to FIG. 3, each of the nodes 170 includes a routing component111, a journal 112, an event publishing/consuming component 113, and alocal storage 114. Further, each of the nodes includes a local copy of adistributed hash table (“DHT”) (illustrated as DHT 115).“Validation/storage” nodes each includes a DHT store 116.

The routing component 111 builds a hash value of a transaction receipt,and routes the transaction receipt to the appropriate peer within thenetwork 172. The receiving peer verifies the transaction and initiatesthe storage process. The routing component 111 may implement anapplication programming interlace or application of the FreePastrylibrary.

The journal 112 represents a distributed hash table (“DHT”) persistencecomponent for use with the DHT 115. The journal 112 can be implementedas an extension of PAST. The journal 112 may use the default “insert”operations of PAST together with its built-in replication facilities.However, the journal 112 may overrides its “lookup” operation to enforcethe retrieval of the replicated copies of a record, and itsconsistency-checking.

The publishing/consuming component 113 publishes successfully completed(and recorded) transaction receipts. The publishing/consuming component113 may use the SCRIBE library to publish the transaction receipts. Thepublishing/consuming component 113 may use the public address of therecipient as a topic for the event. Each node, on startup, subscribes totopics corresponding to their public addresses. This component providesreal-time notification of receipts so that live nodes can update theirlocal storage 114 and provide client feedback.

The local storage 114 is used to store transaction receipts and spentinputs that concern the addresses (e.g., the public key 116) associatedwith the one or more user accounts (e.g., user account 108) implementedby the node. Example embodiments enable efficiencies (e.g., a persistentclient cache) such that the node does not have to query the network 172(see FIG. 2) for all transactions associated with a particular useraccount when the node wants to send or get the balance of the particularuser account. The local storage 114 may be implemented using an embeddedrelational database using, for example, Apache Derby. However,alternative embodiments may be implemented using other storagemechanisms.

In addition to the components described above, each of the nodes 170 mayalso maintain an optional index 117 of transactions keyed on the publicaddresses of the user accounts. This allows for the efficient retrievalof all transaction receipts for a given address. It also addressesportability in that a user simply imports his/her addresses on a newmachine or device and the records of relevant transactions will follow.

A unique identifier or “Node ID” 103 is assigned to each of the regularnodes 170. A Node ID is a persistent identifier that remains consistentwhether the node is online or not, and is assigned by the network 172 orthe system 100. A node ID may be generated for a node that is joiningthe network 172 for the first time by applying a hashing algorithm onthe external internet protocol (“IP”) address and network path of thenode. This node ID 103 may serve as a key in the DHT 115.

The software components implementing the nodes 170 may be configured torun as part of a user interface (UI) client or in a command-line orheadless mode.

User Transactions

A transaction between users may be characterized as having threecomponents: (1) initiation, (2) validation, and (3) recordation.

1. Initiation

A sender is a user (or mint node) that initiates a transaction to sendone or more units of the virtual currency from the sender's user account(or the mint node's mint account) to the recipient's user account. Therecipient is the user (or mint node) that is to receive one or moreunits of the virtual currency from the sender through the transactioninitiated by the sender.

Referring to FIG. 2, a sender (other than one of the mint nodes 120)initiates a transaction using the client application 110 executing onone of the computing devices 140A-140E (see FIG. 1). For ease ofillustration, the sender will be described as being the customer C1operating the computing device 140A, which is implementing the“client-only” (or Class C) node 170A. In this example transaction, therecipient is the merchant M2 operating the computing device 140E, whichis implementing the Class A node 170E. The customer C1 is associatedwith a user (sender) account 220 implemented by the Class B node 170D,and the merchant M2 is associated with a user (recipient) account 215implemented by the Class A node 170E.

The sender initiates the transaction by using the client application 110to send a transaction message 208 from the user (sender) account 220 tothe user (recipient) account 215. To send the transaction message 208,the sender must provide the public key 116 (address) of the user(recipient) account 215, the currency type, the transaction amount(expressed in units of the virtual currency), and references to (orcopies of) transaction receipts associated with the user (sender)account 220.

FIG. 4 is a flow diagram of an embodiment of a method 400 ofconstructing the transaction message 208 that may be performed by thenodes 170A-170G. For ease of illustration, the method 400 will bedescribed as being performed by the Class C node 170A. In first block402, the sender (e.g., the customer C1) initiates a transaction at asending node (e.g., the Class C node 170A). In block 404, the sendingnode (e.g., the Class C node 170A) automatically locates and collectsthe transaction receipts associated with the user (sender) account 220.For example, transaction receipts may be collected from the localstorage 114 (see FIG. 3), and may query other nodes for copies of thetransaction receipts stored in their DHT stores 116 (see FIG. 3). Toensure system integrity, it is necessary to ensure that a transaction isinitiated by the user that has control over the user (sender) account220. To achieve this, the transaction may be signed. In block 406, thesending node (e.g., the Class C node 170A) signs the transaction messageby encrypting the serialized transaction inputs (e.g., the references toor copies of the transaction receipts) using the private key 118associated with the user (sender) account 220. The ciphertext resultingfrom this encryption may be used as the signature. Optionally, thesender may sign each of the transaction receipts as well and includethose signatures in the transaction message 208. In block 408, thetransaction inputs together with the signature are packaged up into thetransaction message 208, In block 410, the sending node (e.g., the ClassC node 170A) sends the transaction message to the recipient node (e.g.,the Class A node 170E). Then, the method 400 terminates.

2. Validation

The node (e.g., the Class A node 170E) associated with the user(recipient) account 215 receives the transaction message 208 andvalidates the transaction if certain conditions are satisfied. Asmentioned above, the aggregation of all validated transaction receiptsstored within the P2P network 170 represents a distributed record of thebalances of each of the user accounts. In other words, a particularaccount balance is determined from all validated transaction receiptsstored in the P2P network 170 that identify the account. The referencesto (or copies of) transaction receipts of the sender include transactionreceipts evidencing transactions in which the sender either sent orreceived units of the virtual currency, and are used (during thevalidation process) to determine whether the user (sender) account 220has a sufficient account balance to transfer the transaction amount. Asmentioned above, the issuing authority 130 (see FIG. 1) is not involvedin validating transactions between user accounts.

Validation includes querying the network for each transaction receiptreferenced in the transaction message 208 and validating it. The node(e.g., the Class A node 170E) associated with the user (recipient)account 215 does not communicate with either the virtual currencyissuing authority 130 or a centralized transaction clearance authority(because the system 100 does not include one). Instead, transactionclearance is decentralized and performed entirely by a subset of thedistributed nodes 170. Further, transaction receipts are not broadcastto the entire network 172. After the transaction is validated and thetransaction receipt is stored within a portion of the network 172, thetransaction is irreversible (like a conventional cash transaction).

FIG. 5 is a flow diagram of an embodiment of a method 500 of validatingthe transaction message 208 that may be performed by the regular nodes170A-170G. For ease of illustration, the method 500 will be described asbeing performed by the Class A node 170E. In first block 501, therecipient node (e.g., the Class A node 170E) receives the transactionmessage 208. In block 502, upon receipt of the transaction message 208,a recipient node verifies the authenticity of the transaction byverifying the transaction's hash code and the signature. In block 504,the recipient node inspects the transaction receipts referred to (orincluded in) the transaction message 208 and queries the network R1 forcopies of them. For each input transaction receipt included in thetransaction message 208, the same verification of the transaction hashand signature is applied. In block 506, the network R1 sends therequested copies of the input transaction receipts, and the recipientnode compares them with each other to ensure consistency of the data.

In block 508, the recipient node (e.g., the Class A node 170E) hashesthe transaction message 208 to obtain a hash value to use as a uniqueidentifier for the transaction and as key for storage purposes. In block510, a target storage node is identified based on the transaction's key.Finally, in block 512, a transaction receipt 210 is generated and routedto the determined target node (e.g., the node 170G).

3. Recordation

As mentioned above, a transaction receipt (e.g., the transaction receipt210) is generated for each completed transaction. The transactionreceipt 210 is the record evidencing a validated transaction. Each nodestores transaction receipts received from other nodes. However, none ofthe nodes 170 stores transaction receipts for all of the transactionsconducted within the network 172. Instead, each node stores transactionreceipts for only a portion of the transactions.

Returning to FIG. 2, the transaction receipt 210 is routed to a node forstorage based on a calculated hash of the transaction receipt (or aportion of the information included therein), which is used to lookup anode having a node ID computationally closest to the hash value. Forease of illustration, the node 170G will be described as having the nodeID closest to the hash value. Thus, in this example, the transactionreceipt 210 is routed to the node 170G. The node 170G replicates thetransaction receipt 210 to create copies 212A and 212B and sends thecopies to a number of other nodes for storage. The use of a hash of thetransaction receipt 210 as a key for routing purposes enforcesrandomness of where the transaction receipt 210 is processed and stored.

Thus, the system 100 may use a transaction-centric and distributedapproach to validating transactions and/or storing transaction receipts.Using the routing algorithm of the DHT 115, the transaction receipt 210is routed to a peer (e.g., the node 170G) in the P2P network 172 basedon its hash. The peer then validates and verifies the transaction andinitiates its storage.

FIG. 6 is an illustrative example of a method 600 performed by the“validation/storage” nodes (or Class A and B nodes). For ease ofillustration, the method 600 will be described as being performed by thenode 170G. In first block 602, when a transaction has been deemed valid(e.g., using the method 500 described above), the node (e.g., the node170G) to which the transaction receipt 210 was routed (by the recipientnode) will store a serialized form of the transaction receipt in the DHTstore 116 (see FIG. 3) of the node. In block 604, the node copies thetransaction receipt 210 (to create copies 212A and 212B) and routes thecopies to a number of other nodes for storage thereby. In block 606,when the storage operation is complete, the node publishes a messageusing the recipient's address (or the public key associated with theuser (recipient) account) as the topic for the subscription. Therecipient node would have previously subscribed to a topic, which is therecipient's address. As such, if the target recipient is online, therecipient node will be notified of the transaction by the publishedmessage. Upon receipt of the notification, the recipient node retrievesthe transaction receipt from the overlay P2P network R1 and updates itslocal storage 114 (see FIG. 3). If the target recipient is offline, therecipient node will learn of the transaction as part of thesynchronization process (e.g., a method 800 described below). Accordingto example embodiments, once a transaction is validated and storedwithin the network 172, the transaction is irreversible.

The storage mechanism (e.g., in block 604) sends the copies 212A and212B of the transaction receipt to “x” number of peers, each of whichverifies the transaction receipt before storing it. When an attempt ismade to retrieve a transaction receipt for the purposes of using it asan input to a subsequent transaction message, the system 100 retrieves(e.g., in block 404 of the method 400) copies of the transaction receiptfrom the peers. It verifies the consistency of “y” number of the copiesof the transaction receipt as a condition to considering the retrieval asuccess. The number of copies of the transaction receipt stored (e.g.,“x” number) may directly affect the reliability and availability of thetransaction receipts. The value of “y” may be considered a verificationfactor that relates to the integrity of the record. The use of a hash ofthe transaction receipt as a key for routing purposes introducesrandomness as to where the transaction receipt is processed and stored.

The references to (or copies of) transaction receipts (referred to as“referenced inputs”) included in the transaction message 208 are signedby the sender (using the private key 118 associated with the sender'suser account 220) to prove ownership. The system 100 verifies thesignatures by independently retrieving the referenced inputs and runningsigning scripts. The transaction receipt may be hashed by serializingthe various elements of the transaction receipt and performing a hashfunction (for example, SHA 256, anther cryptographic hash function,combinations thereof, and the like) on the serialized elements to obtaina hash value that is used as the key for the DHT routing and storage.When a transaction receipt is used as a referenced input, it is markedas spent (or completed) by adding a forward link (to the transactionreceipt) to the next more recent transaction. In this manner, the chainof transaction receipts may resemble a doubly linked list.

The software components implementing the nodes 170 may be written in aprogramming language, such as Java. Further, software applicationsimplementing the nodes 170 may be built on top of a well-known DHTimplementation called Pastry. The core components of Pastry, ascontained in the FreePastry library, may be used to provide themechanics used to create and maintain the overlay P2P network R1, andthe routing algorithm that locates nodes within that network. Inaddition to the FreePastry library, components built on top of Pastry(e.g., PAST and SCRIBE) may be used. PAST is a peer-to-peer storageutility with built-in replication capabilities. SCRIBE is a groupcommunication and event notification component. The example embodimentscan further use Apache Derby as an embedded database for local storage(e.g., the local storage 114 depicted in FIG. 3). Alternative exampleembodiments may be written in different programming languages or usingother proprietary or open-source libraries.

As mentioned above, each user account may be associated with apublic-private key pair. The public key 116 (see FIG. 3) may be used asa publicly visible address of the user account. A user can request a newaddress (for a user account) through the user interface of the clientapplication 110 or through a command line interface. The system maygenerate a key pair using elliptic curve cryptography and a Javasecurity provider (e.g., BouncyCastle). The key-pairs are stored locallyand not to the DHT 115.

Optionally, the computing system 132 may implement a registry (notshown) of easy-to-remember names (or aliases) that can optionally beused in place of the public keys. Optionally, a registration process maybe used to ensure the uniqueness of an alias and to create the addressassociation.

Genesis Transactions

As mentioned above, the mint nodes 120 create units of the virtualcurrency using a genesis transaction. It is different from othertransactions in that a genesis transaction does not include referencesto (or copies of) transaction receipts of the sender. Special-purposemint addresses may be predefined in the computing system 132. A validgenesis transaction is both addressed to one of the mint addresses andinitiated by one of those addresses.

A transaction receipt may be generated by the mint node, and forwardedto one of the nodes 170 for storage in a portion of the network 172(e.g., in accordance with the method 600).

Node Boot-Up and Synchronization

FIG. 7 is an illustrative example of a method 700 that may be performedby one of the nodes 170 when it boots up and connects to the P2P network172. In first block 702, when a node is started up, the node (referredto as a “joining node”) establishes a connection to the P2P network 172.This process may be referred to as a “bootstrapping” process duringwhich the joining node attempts to establish a connection to anothernode (referred to as a “bootstrap node”) within the P2P network 172. Thebootstrap node could be any node. However, by default, the joining nodemay attempt to connect with a node associated with an IP addressassociated with a known domain name.

In block 704, once a connection to the bootstrap node is established,the joining node is validated. The node validation process ensures thatthe joining node is running a legitimate version of the software (e.g.,the validation/storage application 109 and/or the client application110). Thus, the node validation process helps prevent nodes that areexecuting code that has been tampered with (e.g., for ill purposes) fromjoining the network. During the node validation process, the bootstrapnode supplies a randomly generated number (referred to as a “handshakeID”) to the joining node. The joining node locates one or more portionsof the software (e.g., several class files within the component library)and loads the portion(s) located as a byte stream. The byte stream ishashed together with the handshake ID to obtain a first hash result. Thefirst hash result is sent to the bootstrap node. The bootstrap nodecompares the first hash result with a second hash result created by thebootstrap node. The bootstrap node creates the second hash result byloading one or more portions of a legitimate copy of the software as abyte stream, and hashing the byte stream together with the handshake ID.If the first and second hash results are not equal, the bootstrap nodewill reject the joining node. In other words, the bootstrap node doesnot validate the joining node. When this happens, the method 700terminates. On the other hand, if the first and second hash results areequal, the bootstrap node validates the joining node, and the methodcontinues at block 706.

In block 706, the joining node's relative position within the overlayP2P network R1 is established for purposes of routing andaddressability. In block 707, a network path that will be used by thejoining node when communicating with other nodes is determined. In block710, firewall restrictions and network address translations aredetermined. In some example embodiments, depending on the firewallrestrictions, a proxy node may be used. Finally, in block 712, thejoining node is identified using a node ID. For a node that is joiningfor the first time, its node ID may be generated by applying a hashingalgorithm on its external IP address and network path. As mentionedabove, this node ID essentially serves as a key in the DHT 115 (see FIG.3).

As mentioned above, each of the “validation/storage” nodes (or Class Aand B nodes) establishes a location within its disk space upon which itwill be storing transaction receipts (and copies thereof) that arerouted to the node 170E by the overlay P2P network R1. This is referredto as its DHT store (e.g., the DHT store 116 depicted in FIG. 3).

Each of the nodes 170 establishes a location within its disk space thatit will use for storing references to transactions that are relevant toits accounts. This is called its local storage (e.g., the local storage114 depicted in FIG. 3). The local storage is used primarily fordetermining the balance and history for the node's accounts withouthaving to query the network for all its transactions.

A local storage can get out-of-synch when transactions relevant to thenode's accounts occur while the node is offline. FIG. 8 is anillustrative example of a method 800 performed by each of the nodes 170after it boots up (e.g., after the method 700 is performed). The method800 performs a synchronization process when the node is booted up. Infirst block 812, the node sends, to the overlay P2P network R1, asubscribe message for each of its accounts using the addresses (publickeys) as topics. This informs the overlay P2P network R1 that therequesting node wants to receive notifications for any transaction thatis relevant to its accounts. In response to the subscribe message, theother nodes in the network send, to the requesting node, copies of alltransaction receipts that are relevant to the user accounts associatedwith the requesting node. In block 814, the requesting node uses theseto update its local storage.

Virtual currencies and digital bearer instruments (such as thoseimplemented by the system 100) may open new demographic markets, enableaccess to formerly inaccessible geographies, and/or reducecost-per-transaction for online payments. In particular, virtualcurrencies and digital bearer instruments (such as those implemented bythe system 100) may eliminate entire classes of costs (such as thoseimposed by intermediaries) related to transaction processing and onlinefraud.

The costs and risks associated with an intermediated system whentransacting online are at best costly and at worst potentiallycrippling. The system 100 provides a mechanism by which the merchants160 may transact with the customers 150 with the same or similarcertainty enjoyed by real-world (brick and mortar) merchants whenaccepting cash. In other words, the system 100 may be used to replicateface-to-face cash transactions in an on-line environment, and conductirreversible online transactions without engaging a financialintermediary. Stated differently, the virtual currency implemented bythe system 100 may be characterized as being digital bearer instrument(or true “digital cash”) analogous to real world cash that enablespayments over a communications channel, such as the Internet, withoutinvolving a trusted party (e.g., a bank). In short, from a merchantperspective, being able to create a digital bearer instrument that isnot dependent on existing financial intermediaries and that isirreversible, completely eliminates transaction costs, sidestepstremendous fraud and associated cost exposure, and opens up the abilityto enter new markets, address new demographics, and offer new classes ofproducts and services online.

Because the system 100 may be used to conduct online transactions thathave the four attributes of a face-to-face cash transaction,transaction-processing fees may be reduced or eliminated completely.Further, the system 100 avoids losing hundreds of billions of dollarsannually to fraud and fraud mitigation/investigation costs. The system100 may be used to implement truly virtual cash having a stable priceand effectively unlimited liquidity that may be used to conductnon-intermediated and irreversible transactions over the Internet.

Example embodiments provide for an electronic or digital bearerinstrument system based on cryptographic proof instead of trust,allowing any two willing parties to transact directly and irreversiblywith each other without the need for a trusted third party intermediary.

Example embodiments of the system 100 resolve the double spend problem(described below) while simultaneously preserving the directtransmissibility and anonymity of transactions conducted using thevirtual currency.

The system 100 may be used to implement one or more secondary exchanges,because the system 100 enables direct transmission of units of thevirtual currency between users. Due to regulatory or risk-mitigationstrategies, it is anticipated that the mint system may restrict the saleof the virtual currency to within specified jurisdictions. Therefore, itis anticipated that secondary exchanges may arise between users to allowfor the transmission into the restricted regions, though the system 100may not generally participate in such exchanges.

The system 100 enables the direct transmission of the virtual currencycleared through the decentralized P2P network 172. This helps eliminatetransaction processing fees, allows for merchant risk autonomy, andprovides for transaction velocity. For example, without the requiredparticipation of an intermediary to process and dear transactions, thereare no transaction fees imposed for such intermediation. Additionally,the absence of third party intermediaries allows the parties to transacton whatever basis they are comfortable engaging, whether in relation tothe types of goods or services on offer, or the degree to which therecipient wishes to collect KYC information from the sender. This is instark contrast to the intermediated models, wherein the third partydefines what sorts of transactions are acceptable and at what levels,what data is to be collected and submitted and what fees or costs willbe levied and imposed. While credit card clearance times are very fast,many other incumbent bank-to-bank systems can take up to several daysbefore clearing. Direct transmission of a digital instrument betweencustomer and merchant may be extremely fast (from hundredths of a secondto a few minutes).

According to example embodiments of the system 100, virtual currencytransactions cleared through the distributed network 172 areirreversible. Enabling irreversible transactions for ecommerce has atleast three distinct benefits to merchants: (1) elimination of fraudcosts, (2) enablement of new offerings and markets, and (3) enhancedcustomer experiences. For example, as with cash transaction, functionalirreversibility alleviates entire categories of risk and fraud exposure.Furthermore, by eliminating the risk of payment reversal, merchants canmake new services or products available online. Rapid, irreversibleservice transactions, for example, that would be difficult to justifyunder threat of payment reversal would become viable. Moreover,jurisdictions or demographics that are historically categorized ashigh-risk from a fraud perspective may be accessed without incrementalexposure. Merchants may choose to transact with customers with a lessonerous KYC burden, thereby both reducing their own operational costsand streamlining and improving the customer experience and conversionrates.

Some KYC requirements are imposed by virtue of the merchant's productsor industry, or due to other regulatory requirements. Therefore, in someembodiments, the system 100 implements additional diligence andcompliance required to ensure that a particular payment instrument isnot being fraudulently used, and gathers sufficient verifiable personalinformation regarding the customer to enable the merchant to initiateproceedings against the customer in the event of default or otherwise.

Example embodiments of the system 100 are designed to enable thecreation of virtual currencies that are pegged to fiat currencies at afixed rate. Unlike Bitcoins or AMAZON® Coins or other virtual currencysystems; however, the example embodiments presented herein include avirtual currency infrastructure, which enable the creation of multiplevirtual currencies cleared through the same distributed networkinfrastructure. In other words, the instant example embodiments can beused to introduce a virtual currency, used in accordance with exampleembodiments, pegged to the Swiss Franc, and another instance of thevirtual currency indexed to the Euro or the US Dollar. Similarly, itallows the creation of a virtual currency that could be pegged to fiatcurrency basket (e.g., a portfolio of several fiat currencies withdifferent weightings).

While inter-user transmission is anonymous and cleared through thenetwork 172 (i.e., without the interposition of a centralizedauthority), an authority (such as the issuing authority 130) may, attimes, operate the digital mint (implemented by the mint nodes 120). Themint may always issue virtual currency at a pegged rate, and redeem suchcurrency at the then-current pegged rate. As such, because the reservesare to be held in the currency of purchase, an effectively unlimitedamount of virtual currency can be purchased or redeemed at any time and,because the virtual currencies according to example embodimentspresented herein are pegged, such transactions, regardless of scale,will themselves have no impact on the currency price.

With regard to portability, one can consider the evolution of the meansof currency storage as one from physical possession of cash (thephysical ‘wallet’), to online intermediated access products (the“e-wallet”) to mobile-enabled intermediated products (the “m-wallet” or“phone-as-wallet”) to the user account 108 (see FIG. 3), which may becharacterized as being an electronic wallet. Wealth can be effectivelystored anonymously within the decentralized, dynamic, global network172. The electronic wallet (i.e., the user account 108) can bemanipulated from anywhere on Earth, which allows users to have theability to manage their virtual holdings and to send or receive virtualcurrency from anywhere on the planet.

Example embodiments of the system 100 enable users to operate with theassurance that the private key to unlock, access, and transfer theirwealth resides solely in their brains. Multiple addresses can be createdinstantaneously. This provides users with financial privacy and assetprotection combined with the ability to have those assets fully usablefrom anywhere in the world (assuming there is Internet connectivity).Such assets are (systemically) protected from theft or confiscationunless a user can be legally compelled to reveal his or her private key(which may or may not be known to exist). For example, a user may revealthe secret key to a loved one for inheritance reasons or even splittingthe phrase into segments with each family member possessing a portion ofthe total phrase. Off-grid transactions are also possible by simplyconveying the phrase via voice or encrypted email.

Terminology

The terminology used to refer to payment technologies, business modelsand transaction infrastructure is often inconsistently and/orinterchangeably used. Examples of such terminology includes, forexample, “electronic money,” “digital cash,” “Internet money,” “cryptocurrency,” “e-Money,” “iCash,” “digital purses,” “ewallets,” and“virtual currency.”

For purposes of describing and illustrating example embodiments of thesystem 100, the following four terms will be defined in additionaldetail: (1) Money, (2) Digital Money, (3) Virtual Currency, and (4)E-Money.

Money: The so-called “textbook triad” functions of money are as follows:(1) To Provide a Medium of Exchange, (2) To Store Value, and (3) ToProvide a Unit of Account. Money provides a medium of exchange used intrade to avoid the inconveniences of a pure barter system. The classicview is that to serve as a measure of value (or a medium of exchange),be it for a good or service, money needs to have constant inherent valueof its own or it must be firmly linked to a definite basket of goods andservices. In other words, money should have constant intrinsic value andstable purchasing power. Money can be used to store value, whereby moneycan be saved and retrieved for future use. Money can be a unit ofaccount, providing a standard monetary unit of measurement of thevalue/cost of goods, services, and/or assets.

Digital Money: “Digital Money” is denominated value stored in electronicform, issued or can be generated by private actors (i.e.,non-governmental entities), and may be exchanged for goods and/orservices. It is noteworthy that Digital Money products differ fromso-called “access products” that allow consumers to use electronic meansof communication to access otherwise conventional payment services (forexample, use of the Internet to make a credit card payment or forgeneral “online banking”).

Virtual Currency: “Virtual Currency” is a type of Digital Money that isdenominated in a proprietary unit of account other than a representationof a “real” currency (e.g., points, tokens, credits, “coins,” etc.) andwhich is usually adopted and accepted among members of a particularvirtual community. Examples of virtual currencies include FACEBOOK®Credits, Bitcoins, Linden Dollars, and AMAZON® Coins.

E-money: Unlike Digital Money and Virtual Currency, “E-money” has adefined and meaningful legal definition because e-money systems areregulated forms of financial instruments. This has a number ofconsequences, both positive and negative, as will be discussed furtherbelow.

To begin, reference is made to the European “E-Money Directive”, adirective passed by the European Commission and implemented (albeit notwith perfect consistency) within the member states of the EuropeanUnion. While from a legal perspective the E-Money Directive is onlymeaningful within the European Union, it is an important and usefulreference point.

The Directive defines e-money as follows: “eMoney” is monetary valuethat is: (a) represented by a claim on the issuer, (b) storedelectronically, (C) ensures the credibility of the transaction without acentral processing authority accepted as a means of payment byundertakings other than the issuer, and (d) issued on receipt of fundsof an amount not less in value than the monetary value issued. Ineffect, e-money always derives Thorn traditional “real” currency. Tokensof value issued by barter-clubs, private exchange-rings or other paymentsystems in exchange for real economic goods or services and virtualcurrencies (like for example Bitcoins) that are issued in computernetworks without any service in return, are exempt from the definitionof e-money, even though they fulfill the same economic function ase-money and have the actual potential of privately issued currencies.

The definition does not concern itself with the specifics of technology,that is, the law does not concern itself with how such value is conveyedbetween the sender and the recipient, or whether the transactions are“anonymous” or not. If the technology or system manifests these fourcharacteristics, it qualifies as e-money and is subject to licensing andregulation. If it does not constitute e-money according to thisdefinition, it does not.

As will be immediately apparent, this legal definition of e-money willexclude many products traditionally referred to as such. For example,Bitcoins are not e-money because they are not issued on receipt of funds(they are generated by “miners” following the expenditure of CPU“effort”) and they do not represent a claim on the issuer (as there isno issuer). Loyalty programs, airline points, etc. are not e-moneybecause they are not accepted outside of a closed-loop system and, inmany cases, are not purchased but rather earned and “awarded” by othermeans (frequent flyer status, for example). AMAZON® Coins would notconstitute e-money because they are not accepted as payment by anyoneother than AMAZON®.

Given the foregoing working definitions, it is dear that while E-moneyand Virtual Currencies are both forms of Digital Money, they are neithersynonymous nor mutually exclusive terms. The above-noted definitions areuseful to clarify the distinctions between the products and, moreimportantly, help predict the legal status of these schemas. However,understanding these general categories provides only the mostsuperficial understanding of these schemes and how they function.

The following sections provide definitions and explanations related toselected terminology.

Open Systems vs. Closed Systems

A “closed” digital money system is one in which the money can only beused within a contained system, which is typically managed by theissuer. Examples of closed virtual money schemes include FACEBOOK®Credits, NINTENDO® Points, AMAZON® Coins, and airline frequent flyerprograms (where points can only be used to purchase flights or rewardsfrom the issuing airlines).

In contrast, “open” digital money schemes allow the money to be spentoutside of a closed system. Examples of open virtual money schemes areBitcoin and, to some degree, Linden Dollars, where these “currencies”can be used to purchase goods or services from any merchant or transactwith any individual that elects to accept them as payment.

Bidirectional vs. Unidirectional

“Bidirectional” systems allow users to buy and sell virtual currencyaccording to exchange rates between real world (or fiat) currencies andthe virtual currency. Bidirectional systems allow virtual currencies tooperate in a manner similar to that of any other convertible currencywith regard to their interoperability with the ‘real world.’

“Unidirectional” systems allow the virtual currency to be purchaseddirectly using real world currency at a specific exchange rate, but thevirtual currency cannot be redeemed for the original or any other fiatcurrency (i.e., the purchase is one-way).

Direct vs. Intermediated Transmission “Direct transmission” means that atransaction can be conducted without the need to interact with a bank orsome other form of central clearing authority (sometimes referred to as“permission-free transactions”). Direct transmission systems operateonline or offline,

“Intermediated Transmission” means that a transaction requires clearancethrough a bank or other centralized authority.

Clearance

“Clearance” refers to the process by which a transaction is validatedand effected. This process can be further broken down into steps. In atransaction wherein a sender initiates transfer of value to a receiver,such steps may include, for example: (1) Validating that the sender iswho they purport to be (identify validation); (2) Verifying the senderhas sufficient balance/possession of value (balance confirmation); (3)Confirming the receiver is a valid recipient; (4) Confirming thereceiver accepted the transfer (if required); and (5) Completing thetransfer, which may include debiting the sender, crediting the receiver,and updating records.

Double Spending

A fundamental challenge for digital money schemes is what is known asthe “double spend” conundrum, which asks what precludes an actor fromsending digital money to one recipient and then subsequently sending itto someone else?

Since a virtual currency is simply a series of bits, a “piece” ofe-money is hypothetically very easy to duplicate. As the copy isindistinguishable from the original, counterfeiting may be impossible todetect.

However, viable digital money schemes must be able to prevent or detectdouble spending. There are two principal ways that this is done, asfollows: (1) centralized clearance performed by a trusted centralizedauthority and (2) distributed clearance performed by a decentralizedauthority.

Centralized vs. Distributed Clearance

The first and by far the most common means of solving the double-spendproblem is well understood by all who participate in the traditionalfinancial system; centralized clearance performed by a centralizedtrusted authority. In such systems, the double-spend problem is avoidedentirely because the trusted authority (typically a bank) is aware ofall transactions, is the keeper of the master record as to ownership,effects and logs all transactions, and, in the event of a dispute, isable to determine which transaction was validly submitted and processedfirst. In such a system, if a previous transaction was validated andcompleted successfully, the second transaction will simply be recognizedas invalid and fail.

The trusted authority (typically a bank) maintains a database of alluser balances and transactions and can readily determine if a givenpiece of e-money is still “spendable.” If the database indicates thatthe e-money has already been spent, the transaction is simply rejected.This is precisely what is meant by “Intermediated Transmission” above—atrusted intermediary intercedes within the transaction to confirm itsvalidity and process the transaction.

The second method by which the double-spending problem can be addressedin digital money systems is by using what is known as distributed (ordecentralized) clearance. While trusted centralized authority systemsprevent double-spending by having a master authoritative source thatfollows business rules authorizing each transaction, a decentralizedclearance system eliminates the central authority altogether. Instead ofusing centralized authorization, a state of consensus within an “aware”peer-to-peer (P2P) network topology is used.

The peer-to-peer (P2P) network itself is dynamically ‘aware’ of alltransactions. Thus, there is no need for a centralized authority becauseevery node maintains what the network collectively “agrees” is thedefinitive transactional record.

To accomplish this, transactions are publicly announced (broadcast) tothe network, and a system is needed for the network to “agree” on theorder in which transactions were received (so attempts to double-spendcan be rejected). Every processing and storage node on the network isaware of every transaction ever made. Because the entire network isaware of any transactions, invalid transactions (attempts to doublespend) will be precluded because the network will have already logged areceipt for such currency from the purported sender to anotherrecipient.

Pegged vs. Floating

“Pegged” means that the value of the digital money is directly pegged tosome extrinsic value or feature (Le., other than supply and demand). Inmost instances, the peg is to an extant fiat currency. FACEBOOK®Credits, for example, could be purchased at a pegged rate of 10:1 to theU.S. dollar. Of course, a ‘peg’ is nothing more or less than a fixedexchange rate that is indexed against another currency or, in someinstances, a ‘basket’ of currencies.

In contrast, “floating” virtual currency and e-money schemes employ afloating exchange rate and the value of the currency is determinedsolely by supply and demand. Bitcoin and Linden Dollars, for example,are not pegged to a fiat currency, but rather are traded on third partyexchanges.

Irreversible vs. Reversible

An irreversible (sometimes called “hard”) form of virtual money is onethat does not have any mechanism to dispute or reverse transfers orpayments. In other words, it only supports non-reversible transactions.In such systems, reversing transactions (even in case of a legitimateerror, unauthorized use, or failure of a vendor to supply goods) isdifficult, if not impossible. Examples of such systems include WESTERNUNION®, Ucash and Bitcoin.

A reversible (or “soft”) form of virtual money is one whoseinfrastructure allows for reversal of payments, for example in case offraud or disputes. A “hard” currency can be effectively “softened” byusing a trusted third party or an escrow service.

Anonymous vs. Identified

Identified virtual money contains information revealing the identity ofthe person in possession or control of the funds. As is self-evident,all known intermediated systems and systems with centralized clearancefunctions necessarily maintain a single record and transaction log andfunds can be traced through each transaction and transfer.

In contrast, anonymous virtual money functions as cash. Once anonymousvirtual money is withdrawn from an account, or received from a sender,it can be spent or transferred onwards without leaving a transactiontrail that contains information that would enable identification ofprevious senders or recipients of the anonymous virtual money.

Price Stability and Predictability

Price stability refers to the stability of the value of the instrument,particularly in relation to a beneficiary merchant's operating currencyor currencies. If a merchant's cost base is denominated in AustralianDollars, for example, accepting an instrument other than one denominatedin Australian Dollars and whose value is unpredictable and/or fluctuateswildly against the fiat currency in which the merchant operatesintroduces significant risk.

Of course, with fiat currencies price stability predictability is avirtual given. At a minimum, inter-fiat-currency exchange fluctuationsat a macro level are largely predictable and generally manageable.

However, for some emergent payment models that are unpegged—certainclasses of virtual currencies in particular—price stability representsan enormous problem.

There are three means by which virtual currency pricing can beestablished. In increasing order of risk to the merchant, they are asfollows:

1. No Risk—Operational and Pegged Virtual Currency Alignment: VirtualCurrency (or e-money) denominated in merchant's operating fiat currency.Assuming adequate liquidity, if a virtual currency is denominated in orpegged at some fixed multiple to the merchant's principle operatingcurrency, no incremental risk is introduced. For example, a US-basedapplication developer (within the FACEBOOK® ecosystem) that wished toaccept FACEBOOK® Credits for purchase of or within their applicationwould have no currency exposure, as FACEBOOK® Credits were pegged at10:1 against the US Dollar.

2. Manageable Risk—Operational and Pegged Virtual Currency Misalignment:Virtual currency (or e-money) denominated in or pegged at a fixedmultiple to a fiat currency other than the merchant's operatingcurrency. In this scenario, the exchange risk is knowable and is theequivalent to the merchant accepting transactions directly in the peggedfiat currency.

3. High Risk—Virtual Currency Unpegged: Virtual currency (or e-money)the price for which is determined by market forces (e.g., Bitcoin orLinden Dollars). Many virtual currency models derive their value as afunction of supply and demand, expressed by the market through a varietyof online exchanges and marketplaces. This results in wildly fluctuatingprices, which is further exacerbated by limited market liquidity whenlarge orders can themselves move the market. Sizable merchants will havelimited incentive adopt virtual currencies as a payment method if itcannot predict and manage how the price of such currencies will move inrelation to its operating currency/currencies.

As a result, a merchant accepting a virtual currency as a payment methodimports an additional risk that is not present with incumbent paymentmethods denominated in a merchant's operating currency. If the virtualcurrency does not have a predictable value and exchange rate versus themerchant's principal operating currencies, then this introduces unknownand potentially unpredictable exchange risk.

It is noteworthy that within open virtual currency systems that rely onmarket forces to establish pricing through exchanges, the volatilityproblem is exacerbated by the psychographics of early adopters. While aspeculator may find such wild fluctuations of interest, a merchant facedwith the decision as to whether to integrate Bitcoins on a large scale,as a payment method would not.

Effectively Unlimited Liquidity

If a merchant is to accept a system that is outside of the fiat currencymodel, it must be assured that there is sufficient liquidity (andefficiency) within the system to allow it to manage operations. For theforeseeable future, merchants will continue to incur personnel,inventory and general operating costs in fiat currency (or currencies),and as such merchants must have certainty that it can purchase or selllarge orders of such virtual currencies either to or from a centralizedissuer or within the virtual currency exchanges. A merchant must be ableto purchase virtual currency and exchange its virtual currency for fiatoperating currencies quickly and predictably, or risk exposing itself tolong-term and inter-currency fluctuations.

In order for a merchant of any scale to be willing to adopt a virtualinstrument as a significant payment or refund channel, it needs to becertain that the marker to acquire or dispose of such instruments issufficiently liquid. Liquidity is of particular concern within thecontext of virtual currency systems whose price is determined strictlyby supply and demand and whose liquidity is limited. In such cases,merchants of any scale have naturally balked at adoption, for they haveno certainty—particularly for larger purchase or redemptiontransactions—that there will be sufficient liquidity to fulfill theirorders or, if there is, whether the orders can be filled at apredictable price. Indeed, large enough transactions could have theeffect of single-handedly moving the market, rendering such a system atbest fraught with risk and at worst valueless.

Computing Device

FIG. 9 is a diagram of hardware and an operating environment inconjunction with which implementations of the one or more computingdevices of the system 100 may be practiced. The description of FIG. 9 isintended to provide a brief, general description of suitable computerhardware and a suitable computing environment in which implementationsmay be practiced. Although not required, implementations are describedin the general context of computer-executable instructions, such asprogram modules, being executed by a computer, such as a personalcomputer. Generally, program modules include routines, programs,objects, components, data structures, etc., that perform particulartasks or implement particular abstract data types.

Moreover, those skilled in the art will appreciate that implementationsmay be practiced with other computer system configurations, includinghand-held devices, multiprocessor systems, microprocessor-based orprogrammable consumer electronics, network PCs, minicomputers, mainframecomputers, and the like. Implementations may also be practiced indistributed computing environments where tasks are performed by remoteprocessing devices that are linked through a communications network. Ina distributed computing environment, program modules may be located inboth local and remote memory storage devices.

The exemplary hardware and operating environment of FIG. 9 includes ageneral-purpose computing device in the form of the computing device 12.Each of the computing devices 140A-140E of the system 100 of FIG. 1 andthe computing devices implementing the computing system 132 may besubstantially identical to the computing device 12. By way ofnon-limiting examples, the computing device 12 may be implemented as alaptop computer, a tablet computer, a web enabled television, a personaldigital assistant, a game console, a smartphone, a mobile computingdevice, a cellular telephone, a desktop personal computer, and the like.

The computing device 12 includes a system memory 22, the processing unit21, and a system bus 23 that operatively couples various systemcomponents, including the system memory 22, to the processing unit 21.There may be only one or there may be more than one processing unit 21,such that the processor of computing device 12 includes a singlecentral-processing unit (“CPU”), or a plurality of processing units,commonly referred to as a parallel processing environment. When multipleprocessing units are used, the processing units may be heterogeneous. Byway of a non-limiting example, such a heterogeneous processingenvironment may include a conventional CPU, a conventional graphicsprocessing unit (“GPU”), a floating-point unit (“FPU”), combinationsthereof, and the like.

The computing device 12 may be a conventional computer, a distributedcomputer, or any other type of computer.

The system bus 23 may be any of several types of bus structuresincluding a memory bus or memory controller, a peripheral bus, and alocal bus using any of a variety of bus architectures. The system memory22 may also be referred to as simply the memory, and includes read onlymemory (ROM) 24 and random access memory (RAM) 25. A basic input/outputsystem (BIOS) 26, containing the basic routines that help to transferinformation between elements within the computing device 12, such asduring start-up, is stored in ROM 24. The computing device 12 furtherincludes a hard disk drive 27 for reading from and writing to a harddisk, not shown, a magnetic disk drive 28 for reading from or writing toa removable magnetic disk 29, and an optical disk drive 30 for readingfrom or writing to a removable optical disk 31 such as a CD ROM, DVD, orother optical media.

The hard disk drive 27, magnetic disk drive 28, and optical disk drive30 are connected to the system bus 23 by a hard disk drive interface 32,a magnetic disk drive interface 33, and an optical disk drive interface34, respectively. The drives and their associated computer-readablemedia provide nonvolatile storage of computer-readable instructions,data structures, program modules, and other data for the computingdevice 12. It should be appreciated by those skilled in the art that anytype of computer-readable media which can store data that is accessibleby a computer, such as magnetic cassettes, flash memory cards, solidstate memory devices (“SSD”), USB drives, digital video disks, Bernoullicartridges, random access memories (RAMS), read only memories (ROMs),and the like, may be used in the exemplary operating environment. As isapparent to those of ordinary skill in the art, the hard disk drive 27and other forms of computer-readable media (e.g., the removable magneticdisk 29, the removable optical disk 31, flash memory cards, SSD, USBdrives, and the like) accessible by the processing unit 21 may beconsidered components of the system memory 22.

A number of program modules may be stored on the hard disk drive 27,magnetic disk 29, optical disk 31, ROM 24, or RAM 25, including theoperating system 35, one or more application programs 36, other programmodules 37, and program data 38. A user may enter commands andinformation into the computing device 12 through input devices such as akeyboard 40 and pointing device 42. Other input devices (not shown) mayinclude a microphone, joystick, game pad, satellite dish, scanner, touchsensitive devices (e.g., a stylus or touch pad), video camera, depthcamera, or the like. These and other input devices are often connectedto the processing unit 21 through a serial port interface 46 that iscoupled to the system bus 23, but may be connected by other interfaces,such as a parallel port, game port, a universal serial bus (USB), or awireless interface (e.g., a Bluetooth interface). A monitor 47 or othertype of display device is also connected to the system bus 23 via aninterface, such as a video adapter 48. In addition to the monitor,computers typically include other peripheral output devices (not shown),such as speakers, printers, and haptic devices that provide tactileand/or other types of physical feedback (e.g., a force feed back gamecontroller).

The input devices described above are operable to receive user input andselections. Together the input and display devices may be described asproviding a user interface.

The computing device 12 may operate in a networked environment usinglogical connections to one or more remote computers, such as remotecomputer 49. These logical connections are achieved by a communicationdevice coupled to or a part of the computing device 12 (as the localcomputer). Implementations are not limited to a particular type ofcommunications device. The remote computer 49 may be another computer, aserver, a router, a network PC, a client, a memory storage device, apeer device or other common network node, and typically includes many orall of the elements described above relative to the computing device 12.The remote computer 49 may be connected to a memory storage device 50.The logical connections depicted in FIG. 9 include a local-area network(LAN) 51 and a wide-area network (WAN) 52. Such networking environmentsare commonplace in offices, enterprise-wide computer networks, intranetsand the Internet. The network 180 (see FIG. 1) may be implemented usingone or more of the LAN 51 or the WAN 52 (e.g., the Internet).

Those of ordinary skill in the art will appreciate that a LAN may beconnected to a WAN via a modem using a carrier signal over a telephonenetwork, cable network, cellular network, or power lines. Such a modemmay be connected to the computing device 12 by a network interface(e.g., a serial or other type of port). Further, many laptop computersmay connect to a network via a cellular data modem.

When used in a LAN-networking environment, the computing device 12 isconnected to the local area network 51 through a network interface oradapter 53, which is one type of communications device. When used in aWAN-networking environment, the computing device 12 typically includes amodem 54, a type of communications device, or any other type ofcommunications device for establishing communications over the wide areanetwork 52, such as the Internet. The modem 54, which may be internal orexternal, is connected to the system bus 23 via the serial portinterface 46. In a networked environment, program modules depictedrelative to the personal computing device 12, or portions thereof, maybe stored in the remote computer 49 and/or the remote memory storagedevice 50. It is appreciated that the network connections shown areexemplary and other means of and communications devices for establishinga communications link between the computers may be used.

The computing device 12 and related components have been presentedherein by way of particular example and also by abstraction in order tofacilitate a high-level view of the concepts disclosed. The actualtechnical design and implementation may vary based on particularimplementation while maintaining the overall nature of the conceptsdisclosed.

In some embodiments, the system memory 22 stores computer executableinstructions that when executed by one or more processors cause the oneor more processors to perform all or portions of one or more of themethods (including the methods 400-800 illustrated in FIGS. 4-8,respectively) described above. Such instructions may be stored on one ormore non-transitory computer-readable media.

Operations of processes described herein can be performed in anysuitable order unless otherwise indicated herein or otherwise clearlycontradicted by context. Processes described herein (or variationsand/or combinations thereof) may be performed under the control of oneor more computer systems configured with executable instructions and maybe implemented as code (e.g., executable instructions, one or morecomputer programs or one or more applications) executing collectively onone or more processors, by hardware or combinations thereof. The codemay be stored on a computer-readable storage medium, for example, in theform of a computer program including a plurality of instructionsexecutable by one or more processors. The computer-readable storagemedium may be non-transitory.

The use of any and all examples, or exemplary language (e.g., “such as”)provided herein, is intended merely to better illuminate embodiments ofthe invention and does not pose a limitation on the scope of theinvention unless otherwise claimed. No language in the specificationshould be construed as indicating any non-claimed element as essentialto the practice of the invention.

Preferred embodiments of this disclosure are described herein, includingthe best mode known to the inventors for carrying out the invention.Variations of those preferred embodiments may become apparent to thoseof ordinary skill in the art upon reading the foregoing description. Theinventors expect skilled artisans to employ such variations asappropriate and the inventors intend for embodiments of the presentdisclosure to be practiced otherwise than as specifically describedherein. Accordingly, the scope of the present disclosure includes allmodifications and equivalents of the subject matter recited in theclaims appended hereto as permitted by applicable law. Moreover, anycombination of the above-described elements in all possible variationsthereof is encompassed by the scope of the present disclosure unlessotherwise indicated herein or otherwise clearly contradicted by context.

All references, including publications, patent applications and patents,cited herein are hereby incorporated by reference to the same extent asif each reference were individually and specifically indicated to beincorporated by reference and were set forth in its entirety herein.

The invention claimed is:
 1. A system comprising: a network having aring topology and comprising a plurality of computing devices, theplurality of computing devices implementing a plurality of nodes, atleast a portion of the plurality of nodes implementing user accountsthat each store units of a virtual currency, each of at least a portionof the nodes being configured to initiate a transaction as a sender nodewith a different recipient one of the plurality of nodes, thetransaction transferring at least one unit of the virtual currency froma sender one of the user accounts to a recipient one of the useraccounts, the recipient node being configured to validate thetransaction, create a new transaction receipt after validating thetransaction, perform an operation on the new transaction receipt toidentify a different storage one of the plurality of nodes, and routethe new transaction receipt to the storage node, the storage node beingconfigured to store the new transaction receipt, identify next storageones of the plurality of nodes, and route copies of the new transactionreceipt to the next storage nodes for storage thereby; and at least onemint computing device connected to the network, the at least one mintcomputing device implementing a virtual currency mint configured tocreate and issue units of the virtual currency to the user accountsimplemented by the plurality of nodes, the user accounts beingconfigured to receive and store units of the virtual currency issued bythe virtual currency mint, the plurality of nodes being incapable ofcreating units of the virtual currency.
 2. The system of claim 1,wherein the sender node is implemented by a first of the plurality ofcomputing devices, the recipient node is implemented by a second of theplurality of computing devices, and the storage node is implemented by athird of the plurality of computing devices, the first, second, andthird computing devices being different from one another.
 3. The systemof claim 2, wherein each of the next storage nodes is implemented by adifferent one of the plurality of computing devices directly connectedto the third computing device in the network.
 4. The system of claim 1,wherein each of the plurality of computing devices stores a local copyof a distributed hash table, the sender node is implemented by a senderone of the plurality of computing devices; the recipient account isassociated with an account identifier, and the sender node is configuredto lookup the account identifier in the local copy of the distributedhash table stored on the sender computing device to obtain a recipientaddress, wherein initiating the transaction comprises sending atransaction request to the recipient address.
 5. The system of claim 1,wherein the sender node is configured to obtain a copy of the newtransaction receipt, and store the copy in a local storage accessible tothe sender node.
 6. The system of claim 1, wherein the sender nodecomprises a local storage storing a plurality of transaction receiptsassociated with the sender account, and initiating the transactioncomprises; obtaining copies of the transaction receipts associated withthe sender account and stored in the local storage; creating atransaction request comprising the copies of the transaction receipts;and sending the transaction request to the recipient node.
 7. The systemof claim 6, wherein the transaction receipts associated with the senderaccount and stored in the local storage implement a doubly linked list.8. The system of claim 6, wherein the copies of the transaction receiptsin the transaction request are first copies of the transaction receipts,and the recipient node is configured to: send requests to at least aportion of the plurality of nodes for copies of any transaction receiptsassociated with the sender account, receive as second copies of thetransaction receipts, transaction receipts associated with the senderaccount from each of only a subset of the plurality of nodes, andvalidate the transaction based on the first and second copies of thetransaction receipts.
 9. The system of claim 6, wherein the sender nodeis configured to obtain a copy of the new transaction receipt, and storethe copy of the new transaction receipt in the local storage.
 10. Thesystem of claim 1, wherein the recipient node is configured to: validatethe transaction without involving a validation authority, obtainvalidation information from only a subset of the plurality of nodes, andvalidate the transaction based on the validation information.
 11. Thesystem of claim 10, wherein the validation information comprises copiesof a plurality of transaction receipts associated with the senderaccount.
 12. The system of claim 1, wherein each of the plurality ofcomputing devices stores a local copy of a distributed hash table, therecipient node is implemented by a recipient one of the plurality ofcomputing devices, and the operation performed on the new transactionreceipt by the recipient node comprises: performing a hash function onat least a portion of the new transaction receipt to obtain a hashvalue; and looking up the hash value in the distributed hash tablestored on the recipient computing device to obtain an address associatedwith the storage node, wherein routing the new transaction receipt tothe storage node comprises routing the new transaction receipt to theaddress associated with the storage node.
 13. The system of claim 1,wherein the virtual currency mint creates and issues units of thevirtual currency to the user accounts in exchange for units of a realworld currency.
 14. The system of claim 1, wherein the virtual currencymint is configured to receive units of the virtual currency from theuser accounts, and exchange those received units for units of a realworld currency.
 15. A computer implemented method comprising:implementing, at a sender one of a plurality of computing devices withina network having a ring topology, a sender node comprising a senderaccount, each of the plurality of computing devices within the networkbeing incapable of creating one or more units of a virtual currency;implementing, by at least one mint computing device connected to thenetwork, a virtual currency mint; creating, at the virtual currencymint, units of the virtual currency; issuing, by the virtual currencymint, at least one of the units of the virtual currency to the senderaccount; identifying, at the sender node, a recipient one of theplurality of computing devices within the network, the recipientcomputing device implementing a recipient node comprising a recipientaccount; initiating, at the sender node, a transaction with therecipient node, the transaction transferring at least one unit of thevirtual currency issued to the sender account from the sender account tothe recipient account; validating, at the recipient node, thetransaction; creating, at the recipient node, a new transaction receiptafter the transaction has been validated; performing, at the recipientnode, an operation on the new transaction receipt to obtain a value;identifying, at the recipient node, a storage one of the plurality ofcomputing devices within the network using the value, the storagecomputing device implementing a storage node; routing, by the recipientnode, the new transaction receipt to the storage node; storing, at thestorage node, the new transaction receipt; identifying, at the storagenode, next storage ones of the plurality of computing devices within thenetwork, the next computing devices implementing next storage nodes; androuting, by the storage node, copies of the new transaction receipt othe next storage nodes for storage thereby.
 16. The method of claim 15,wherein the sender, recipient, storage computing devices are differentfrom one another.
 17. The method of claim 15, wherein the next storagecomputing devices are directly connected to the storage computing devicein the network.
 18. The method of claim 15, wherein each of theplurality of computing devices stores a local copy of a distributed hashtable, the recipient account is associated with an account identifier,and identifying the recipient computing device comprises looking up theaccount identifier in the local copy of the distributed hash tablestored on the sender computing device to obtain an address of therecipient computing device.
 19. The method of claim 15, wherein thesender node comprises a local storage storing a plurality of transactionreceipts associated with the sender account, and initiating thetransaction at the sender node comprises: obtaining copies of thetransaction receipts associated with the sender account and stored inthe local storage; creating a transaction request comprising the copiesof the transaction receipts; and sending the transaction request to therecipient computing device.
 20. The method of claim 19, wherein thecopies of the transaction receipts in the transaction request are firstcopies of the transaction receipts, and validating the transaction atthe recipient node comprises: sending requests to at least a portion ofthe plurality of computing devices in the network for copies of anytransaction receipts associated with the sender account, receiving assecond copies of the transaction receipts, transaction receiptsassociated with the sender account from each of only a subset of theplurality of computing devices in the network, and validating thetransaction based on the first and second copies of the transactionreceipts.
 21. The method of claim 15, wherein each of the plurality ofcomputing devices in the network stores a local copy of a distributedhash table, the value is a hash value, the operation performed on thenew transaction receipt at the recipient node comprises performing ahash function on at least a portion of the new transaction receipt toobtain the hash value, identifying the storage computing device usingthe value comprises looking up the hash value in the distributed hashtable stored on the recipient computing device to obtain an addressassociated with the storage computing device, and routing the newtransaction receipt to the storage node comprises routing the newtransaction receipt to the address associated with the storage computingdevice.
 22. The method of claim 15, wherein after the new transactionreceipt has been routed to the storage node, the transaction isirreversible.